Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

Daily Report Tuesday, December 12, 2006

Daily HighlightsThe HeraldNet reports thieves, in a quest for copper wire, carted off thousands of feet of downed power lines during the recent snowstorm that struck Snohomish County, Washington, slowing efforts to restore electricity and endangering their lives. (See item 3)·The Department of State's Bureau of Diplomatic Security in partnership with the Department of Homeland Security is distributing hundreds of wanted terrorist posters −− identifying 26 known terrorists −− at U.S. airports during the holiday season. (See item 15)·The Department of Homeland Security has announced the results of the national interoperability baseline survey of first responders and law enforcement officials that assesses progress in achieving interoperable communications; approximately two−thirds of emergency response agencies across the nation use interoperable communications in varying degrees. (See item 30)

Information Technology and Telecommunications Sector

31.December 11, IDG News Service— Project checks Java code for security bugs. Fortify Software and the FindBugs project have launched a free service that will scan open−source Java software for bugs in the code. The Java Open Review project (JOR) lets open−source projects run audits of their source code using Fortify's source code analysis software and the University of Maryland's FindBugs tool. With developers focusing on more secure software development practices, the Java community needs more advanced bug−finding tools like JOR, said Barmak Meftah, vice president of product and services, with Fortify. "Everybody understands that the cheapest and easiest point to find and fix security bugs is at the time of implementation," he said.JOR Project Website: http://opensource.fortifysoftware.com/welcome.html;jsessionid=ECB74504E47DB4531F9EAEF9F34ECC46Source: http://www.infoworld.com/article/06/12/11/HNcheckjavacode_1. html

33.December 11, CNET News— Microsoft pitching Vista security feature. Microsoft is pitching a security feature in Windows Vista as a boon for consumer online safety, but others think its benefits lie elsewhere. The software maker is promoting the use of Windows Security Center, a feature in the long−awaited operating system, as a way for Websites and third−party software programs to gauge the security status of customer PCs. This could be used to deny computers that aren't fully protected access to online services, which ultimately is good for user safety, Microsoft said. Microsoft is actively pitching the possibility of the PC security checks to banks and online retailers. The feature was actually introduced in Windows XP Service Pack 2, in August 2004, but Microsoft hasn't talked about it much. Though they say Microsoft's goal is noble, others don't expect many consumer Websites or online services to start conducting PC security checks. According to Microsoft's own data, about 70 percent of consumers aren't running up−to−date anti−virus protection. That's a large number of potential customers a business could lose, analysts said.Source: http://news.com.com/Playing+it+safe+with+Windows+Vista/2100−7355_3−6142265.html?tag=nefd.top

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"